Microsoft AZ-104 Practice Test - Questions Answers, Page 9

As cooling period and scale in and scale out durations are not displayed in the graphical view, so we need to consider the default values as below for these settings.

Cool down (minutes) : The amount of time to wait before the rule is applied again so that the autoscale actions have time to take effect. Default is 5 minutes.

Duration : The amount of time monitored before the metric and threshold values are compared.

Default is 10 minutes.

Box 1: 4 virtual machines

The Autoscale scale out rule increases the number of VMs by 2 if the CPU threshold is 80% or higher for more than or equals to 10 mins due to default duration for scale in and out is 10 minutes. Since

CPU utilization at 85% only lasts for 6 mins , it does not trigger the rules.

Hence no of virtual machines will be same as the initial value which is 4.

Box 2: 4 virtual machines

The Autoscale scale in rule decreases the number of VMs by 4 if the CPU threshold is 30% or lower for more than or equal to 10 mins. due to default duration for scale in and out is 10 minutes . Since

CPU utilization at 30% only lasts for 6 mins , it does not trigger the rules. Hence after first 6 mins instance count will be same as initial count as 4. After that CPU utilization reached to 50% for 6 mins , which again would not trigger the scale in rule. Therefore no of virtual machines will be same as the initial value which is 4.

Reference:

https://docs.microsoft.com/en-us/azure/azure-monitor/platform/autoscale-overview

https://docs.microsoft.com/en-us/azure/azure-monitor/platform/autoscale-best-practices

https://docs.microsoft.com/en-us/azure/azure-monitor/platform/autoscale-common-scale-patterns

Box 1: StorageV2

You may only tier your object storage data to hot, cool, or archive in Blob storage and General Purpose v2 (GPv2) accounts. General Purpose v1 (GPv1) accounts do not support tiering.

General-purpose v2 accounts deliver the lowest per-gigabyte capacity prices for Azure Storage, as well as industry-competitive transaction prices.

Box 2: Standard_GRS

Geo-redundant storage (GRS): Cross-regional replication to protect against region-wide unavailability.

Incorrect Answers:

Locally-redundant storage (LRS): A simple, low-cost replication strategy. Data is replicated within a single storage scale unit.

Read-access geo-redundant storage (RA-GRS): Cross-regional replication with read access to the replica. RA-GRS provides read-only access to the data in the secondary location, in addition to georeplication across two regions, but is more expensive compared to GRS.

Reference:

https://docs.microsoft.com/en-us/azure/storage/common/storage-redundancy-grs

https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-storage-tiers

As per the official MS doc:

The recommended steps to onboard on Azure File Sync for the first with zero downtime while preserving full file fidelity and access control list (ACL) are as follows:

1. Deploy a Storage Sync Service. --> This needs to be done on Azure .

2. Create a sync group. --> This needs to be done on Azure

3. Install Azure File Sync agent on the server with the full data set. --> This needs to be done on server1.

4. Register that server and create a server endpoint on the share. --> This needs to be done on server1.

5. Let sync do the full upload to the Azure file share (cloud endpoint).

6. After the initial upload is complete, install Azure File Sync agent on each of the remaining servers.

7. Create new file shares on each of the remaining servers.

8. Create server endpoints on new file shares with cloud tiering policy, if desired. (This step requires additional storage to be available for the initial setup.)

9. Let Azure File Sync agent do a rapid restore of the full namespace without the actual data transfer.

After the full namespace sync, sync engine will fill the local disk space based on the cloud tiering policy for the server endpoint.

10. Ensure sync completes and test your topology as desired.

11. Redirect users and applications to this new share.

12. You can optionally delete any duplicate shares on the servers.

First action: Create a Storage Sync Service

The deployment of Azure File Sync starts with placing a Storage Sync Service resource into a resource group of your selected subscription.

Second action: Create a sync group

A sync group defines the sync topology for a set of files. Endpoints within a sync group are kept in sync with each other. A sync group must contain one cloud endpoint, which represents an Azure file share and one or more server endpoints. A server endpoint represents a path on a registered server.

A server can have server endpoints in multiple sync groups. You can create as many sync groups as you need to appropriately describe your desired sync topology.

Third action: Run Server Registration

Registering your Windows Server with a Storage Sync Service establishes a trust relationship between your server (or cluster) and the Storage Sync Service. A server can only be registered to one

Storage Sync Service and can sync with other servers and Azure file shares associated with the same

Storage Sync Service. )

Reference:

https://docs.microsoft.com/en-us/azure/storage/files/storage-sync-files-deploymentguide? tabs=azure-portal

Box 1: never

For Subnet 10.2.9.0/24, endpoint (Refer to first endpoint) is not enabled into the storage account shown in the exhibit. Hence there would not be any connectivity to the file shares in storage account.

To establish this connection you must have to enable the endpoint.

Box 2: never

After you configure firewall and virtual network settings for your storage account, select Allow trusted Microsoft services to access this storage account as an exception to enable Azure Backup service to access the network restricted storage account. As this required setting is missing , so Azure backup will not be able to take backup of unmanaged disks.

Reference:

https://docs.microsoft.com/en-us/azure/storage/common/storage-private-endpoints

https://azure.microsoft.com/en-us/blog/azure-backup-now-supports-storage-accounts-secured-with-azurestorage-firewalls-and-virtual-networks/

B: Modify the driveset.csv file in the root folder where the tool resides.

C: Modify the dataset.csv file in the root folder where the tool resides. Depending on whether you want to import a file or folder or both, add entries in the dataset.csv file

Reference: https://docs.microsoft.com/en-us/azure/storage/common/storage-import-export-datato-files

Box 1: make

Here the purpose is to 'create a container". So the correct command would be azcopy make.

Box 2: blob

The requirement is for storing that image, it's not used to build AKS. So blob is correct option.

Reference:

https://adamtheautomator.com/azcopy-copy-files/

File1: Endpoint3 only

Cloud Tiering: A switch to enable or disable cloud tiering. When enabled, cloud tiering will tier files to your Azure file shares. This converts on-premises file shares into a cache, rather than a complete copy of the dataset, to help you manage space efficiency on your server. With cloud tiering, infrequently used or accessed files can be tiered to Azure Files.

File2: Endpoint1, Endpoint2, and Endpoint3

Reference:

https://docs.microsoft.com/en-us/azure/storage/files/storage-sync-cloud-tiering

Box 1: No

Administrator accounts are special accounts with elevated permissions. To secure them, the following restrictions apply to changing passwords of administrators:

On-premises enterprise administrators or domain administrators cannot reset their password through Self-service password reset (SSPR). They can only change their password in their onpremises environment. Thus, we recommend not syncing on-prem AD admin accounts to Azure AD.

An administrator cannot use secret Questions & Answers as a method to reset password.

Box 2: Yes

Self-service password reset (SSPR) is an Azure Active Directory feature that enables employees to reset their passwords without needing to contact IT staff.

Box 3: Yes

Reference:

https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-sspr-deployment

User3 requires a user account in Azure AD.

Note: Your Azure AD password is considered an authentication method. It is the one method that cannot be disabled.

Reference:

https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-authenticationmethods